a whopping $ 75,000 bitcoin or ethereum ransomAttack.Ransom( or $ 100,000 in iTunes gift cards ) it will wipe the lot . First , Apple says its systems haven’t been breachedAttack.Databreach. The company told Naked Security : There have not been any breachesAttack.Databreachin any of Apple ’ s systems including iCloud and Apple ID . The alleged list of email addresses and passwords appears to have been obtainedAttack.Databreachfrom previously compromisedAttack.Databreachthird-party services . So 200m accounts obtainedAttack.Databreachfrom previously compromisedAttack.Databreachthird party services is OK ? Obviously not , but there ’ s no suggestion that Apple itself is responsible for any compromised security . The Turkish Crime Family itself appears to be new on the security scene , believed to have started life in Istanbul but now resident in Green Lanes , north London , according to one report . Helpfully , the organisation has a Twitter account . Another curious facet of the alleged breach is that asking for paymentAttack.Ransomin extremely traceable iTunes vouchers seems more than slightly curious ; why would you not ask for something with a less clean audit trail ? The group itself disputes the amount that ’ s been reported and blames a media relations operative ( presumably the same one who put an email address for media inquiries on the Twitter profile ) : This sum of $ 75,000 is incorrect , this was submitted by one of our old media guys that is not a part of our group . The sum is a lot higher The organisation has posted what it claims is video evidence to the Motherboard site . David Kennerley , director of threat research at Webroot , is among the first to wonder whether the threat is actually real . There are a lot of questions that need to be answered such as , do these hackers really have accessAttack.Databreachto the data they claim ? How did they get hold of such a large amount of data ? Finally , there are still people who believe their Apple hardware is completely safe from malware just because it ’ s Apple . It ’ s great kit and it works beautifully but nobody is safe Logging into and erasing 200 million accounts would take some time . If it started happening , Apple could easily block the attack . Also , they ’ d have to have some sort of server or admin-level access to be able to wipe or delete accounts , or even a single server ’ s-worth of accounts . The Turkish Crime Family having that level of access would either entail an incredibly serious , hitherto unknown breach in Apple ’ s defenses ( improbable ) , or the help of someone on the inside ( more likely , but still doubtful ) . If an Apple user wasn ’ t backing up their entire device to the Apple Cloud , a device that was wiped wouldn ’ t have everything for Apple to restore . I suspect there are quite a few users that don ’ t do Cloud backups , or only back up a portion of their data .
Apple is reassuring customers that its systems have not been breachedAttack.Databreachwhile a hacker , or hackers , threaten to remotely wipe hundreds of millions iPhones of all their data , including photos , videos , and messages . The hackers are using an alleged cache of stolen email accounts and passwords as leverage in an attempt to extortAttack.Ransomthe world ’ s most valuable company . They claim to have accessAttack.Databreachto as many as 559 million Apple email and iCloud accounts , Vice blog Motherboard reported on Tuesday . The group , calling itself “ Turkish Crime Family , ” said it would delete its alleged list of compromised login credentials only after Apple paysAttack.Ransomit $ 75,000 in cryptocurrency , either Bitcoin or rival Ether , or $ 100,000 worth of iTunes gift cards , Motherboard reported . The group has given Apple ( aapl ) a deadline of April 7 to meet its demands . Though Apple has not officially confirmed the authenticity of the data that the hackers say they have , an Apple spokesperson told Fortune in an emailed statement that , if the list is legitimate , it was not obtainedAttack.Databreachthrough any hackAttack.Databreachof Apple . “ There have not been any breachesAttack.Databreachin any of Apple ’ s systems including iCloud and Apple ID , ” the spokesperson said . “ The alleged list of email addresses and passwords appears to have been obtainedAttack.Databreachfrom previously compromisedAttack.Databreachthird-party services ” . A person familiar with the contents of the alleged data set said that many of the email accounts and passwords contained within it matched data leakedAttack.Databreachin a past breachAttack.Databreachat LinkedIn . The company representative declined to elaborate on what steps Apple had taken to monitor the situation . The spokesperson merely noted that such measures , whatever they may be , are “ standard procedure ” . Apple customers who secure their iCloud accounts with the same passwords they use on other online accounts—especially ones at LinkedIn , Yahoo ( yhoo ) , Dropbox , and other sites recently revealed to have suffered big breaches over the past few years—should adopt new passwords that are long , strong , and unique . Many security experts also recommend storing them in a password manager , and activating two-factor authentication , an additional layer of security , where available .